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DETAILED ACTION 

1 . The Amendment, and remarks therein, received on 1 1/18/05 have been entered and 
carefully considered. 

Response to Amendment 

2. Although some of the arguments were found persuasive the new search has 
resulted in the newly discovered prior art. New grounds of rejection based on the 
newly discovered prior art follow below. 

3. Claims 1-55 have been examined. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-2, 6-7, 11-15, 19-20, 24-26, 28-31, 37, 40-41, 43-46, 52 and 54 are 
rejected under 35 U.S.C. 103(a) unpatentable over Dan et al. (U.S. Patent No. 
6148290), hereinafter '290 in view of Epsteine et al. (U.S. Patent No. 6684329). 

5. As per claims 1-2 and 1 1 '290 teach generating a plurality of virtual private proxies 
(contract enforcers) based on an agreement (service contract) between a first entity 
(the provider) and a second entity (the client) and associating a first virtual private 
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proxy associated with the first entity and a second virtual private proxy associated 
with the second entity (col. 5. lines 49-63 and col. 6 lines 11-25). 

6. '290 teach monitoring data at received at the first virtual private proxy from the first 
entity, determining whether the data violates the agreement (col. 6 lines 25-47). 

7. '290 do not explicitly teach disallowing communication of the data from the first 
virtual private proxy to the second virtual private proxy when proxy when data 
violation is detected. 

8. Epsteine et al. teach that data is monitored to determine any violation and disallows 
communication of the data from the first virtual private proxy to the second virtual 
private proxy when proxy when data violation is detected (col. 8 line 56- col. 9 line 
23). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to disallow communication between proxies when the data violation is 
detected as taught by Epsteine et al. One of ordinary skill in the art would have been 
motivated to perform such a modification in order to allow only traffic conforming to a 
predetermined security policy. 

9. As per claims 12 '290 do not explicitly teach that monitoring the data comprises 
monitoring data received at the first virtual private proxy to be communicated to the 
first entity. 

However, monitoring data received at the first virtual private proxy to be 
communicated to the first entity is an obvious modification. Proxies are commonly 
used to monitor bi-directional traffic including data sent as well as received in order 
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to protect system's security and it would have been obvious to one of ordinary skill in 
the art at the time of applicant's invention to monitor data received at the first virtual 
private proxy to be communicated to the first entity given benefit of ensuring that the 
data sent to the first entity meets rules of the agreement. 

10. Claims 13-15, 24-26, 28, 37, 40-41, 43 and 52 and 54 are substantially equivalent to 
claims 1-2 and 11-12; therefore claims 13-14, 21, 24-26, 28, 37, 40-41, 43 and 52 
and 54 are similarly rejected. 

11. As per claims 6-7, 19-20, 29, 30-31 and 44-46 the second entity reads on a secure 
switch thus the first virtual private proxy comprises a logical representation of a 
logical access point between the first entity and a secure switch. In order to activate 
the logical access point the logical access point must be accessed and software 
accesses entities such as access point using a logical representation of the entity; 
thus the first virtual private proxy must comprise a logical representation of a logical 
access point. Also, the first virtual private proxy that comprises a logical 
representation of a logical access point is connected with the secure switch and 
through physical means such as communication line 532 that in networks discussed 
by '290 (Background of the invention) are implemented by physical lines. Another 
words, the logical representation of the logical access point between the first virtual 
private proxy and the secure switch is implemented by a physical access (means) 
point between the first entity and the secure switch. 

12. Although in the rejection above the examiner considered that the second entity 
comprising the second virtual private proxies reads on a secure switch, employing 
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an independent third party that ensures non-bias security transactions is old and well 
known in the computer arts. Thus, implementing the first and the second virtual 
proxy on an additional secure switch rather than on the first and second entity would 
be an obvious modification of '290 invention given a benefit of non-bias execution of 
agreement rules by an independent party (a secure switch). 

13. Claims 3-5, 16-18, 38-39 and 53 are rejected under 35 U.S.C. 103(a) unpatentable 
over Dan et al. (U.S. Patent No. 6148290), hereinafter '290, in view of Epsteine et 
al. (U.S. Patent No. 6684329) and further in view of Ashdown et al. (U.S. Patent No. 
6308276). 

14. '290 teach logging violations (col. 6 lines 48-56) and Epsteine et al. teach alarms 
and reporting that is associated with data filtering (col. 10 lines 32-65). 

15. As per claims 3-5, 16-18 and 38-39 and 53 '290 and Epsteine et al. do not explicitly 
teach generating an alarm based on the violation, 5 discarding the data that violates 
the agreement 3 and communicating the alarm to a system administrator. 

16. Ashdown et al. teach (in addition to logging the violation) discarding the data that 
violates the agreement and alarms reported to a system administrator (col. 1 lines 
29-45, col. 3 lines 1-6, Fig. 7, col. 9 lines 12-42, col. 11 lines 63-67). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to implement logging the violation, discarding the data that violates the 
agreement and alarms reported to a system administrator as taught by Ashdown et 
al. One of ordinary skill in the art would have been motivated to perform such a 
modification in order to completely control the data flow. 
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17. Claims 8-10, 21-23, 27, 32-36, 42, 47-51 and 55 are rejected under 35 U.S.C. 

103(a) unpatentable over Dan et al. (U.S. Patent No. 6148290), hereinafter '290 in 

view of Epsteine et al. (U.S. Patent No. 6684329) and further in view of Dan et al. 

(U.S. Pub. 20020178103) hereinafter '103. 
18/290 and Epsteine et al. teach data exchange between entities utilizing the virtual 

private proxies, wherein data is filtered based on the agreement as discussed 

above. 

19. As per claim 8, 10, 21, 23, 27, 32-34, 36, 42,47-49, 51 and 55 '290 and Epsteine et 
al. do not explicitly teach that the entity comprise business, do not teach generating 
the agreement based on two profiles that are associated with the communicating 
entities and that are used to generate the agreement, and do not teach that profiles 
comprise name and contact information, a transport protocol and messaging 
protocol and process specification document [32 and 35]. 

20/103 teach two business entities [1] with profiles comprising name and contact 
information generating an agreement based on two profiles associated with the 
communicating entities [38], the profiles comprising name and contact information 
[35] and messaging protocol [33]. 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to use business profiles to generate an agreement as taught by '103. One 
of ordinary skill in the art would have been motivated to perform such a modification 
in order to easily negotiate a contract based on the advertised businesses capability. 
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21. As per claims 9, 22, 35 and 50 '290, Epsteine et al. and '103 do not teach that the 
profiles comprise a transport security protocol and that the data allowed comprise 
XML data. 

Official Notice is taken that transport security protocols (e.g. IPSec, PPTP, LT2P 
etc.) as well as XML data are and well-known and utilized in data communication 
between entities. Utilizing these protocols are obvious variations that are well known 
in the art. One would have been motivated to include these protocols in profiles and 
include XML data in allowed data especially in light of the benefits of these protocols 
and data as evidenced by their commercial success. 

Conclusion 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Peter Poltorak whose telephone number is 
(571) 272-3840. The examiner can normally be reached Monday through Thursday 
from 9:00 a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Gregory Morse can be reached on (571) 272-3838. The fax 
phone number for the organization where this application or proceeding is assigned 
is (571)273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see http://pair-direct.uspto.gov. 
Should you have questions on access to the Private PAIR system, contact the 
Electronic Business Center (EBC) at 866-217-9197 (toll-free). 





